Take a look at port 4028. Thanks to Bill for sharing an analysis that concluded a piece of malware was an Aidra botnet client. His shared analysis asks for a deeper look at port 4028. I found a published write-up from Symantec. [1]

After looking at our port 4028 data [2], there is reason to watch for it. Please chime in if you are seeing any traffic on port 4028.

Independent security journalist Brian Krebs has uncovered important new details about the hack that compromised as many as 110 million Target customers, including the malware that appears to have infected point-of-sale systems and the way attackers first broke in.

The class of malware identified by Krebs is often referred to as a memory scraper, because it monitors the computer memory of POS terminals used by retailers. The malware searches for credit card data before it has been encrypted and sent to remote payment processors. The malware then "scrapes" the plain-text entries and dumps them into a database. Krebs continued:

While many software vendors run software license audits on customers, there are some key differences customers should be mindful of when it comes to IBM, according to a new report from advisory firm Miro Consulting.

A U.S. appeals court cleared the way for thousands of Silicon Valley workers to proceed as a group with a lawsuit alleging that technology companies including Google and Apple colluded to drive down employee compensation.

The very first road to the various app stores from Apple and Google was paved with native code. If you wanted to write for iOS, you learned Objective-C. If you wanted to tackle Android, Java was the only way. Similar issues popped up with all the other smaller players in the smartphone market.

Earlier this month, we reported that Microsoft would stop providing updates for Microsoft Security Essentials on Windows XP on April 8, the same day that it will cease providing security fixes for Windows XP. The company has now altered its stance and will produce signature updates for Security Essentials until July 14, 2015.

This change, it says, is to help organizations complete their migrations. Of course, using that rationale, the company should extend Windows XP's support until the heat death of the universe.

While it will provide updated signature definitions, the company warns that its research "shows that the effectiveness of anti-malware solutions on out-of-support operating systems is limited." In other words, it's hard to provide a robust anti-malware system when hostile code can penetrate processes and the kernel willy-nilly just through attacking the browser.

A group of businesses and universities, led by North Carolina State University, will work together to design and manufacture next-generation, low-power semiconductors, U.S. President Barack Obama said Wednesday.

Reports this week that the National Security Agency uses radio signals to collect data from tens of thousands of non-U.S. computers, some not connected to the Internet, are sure to fuel more acrimony towards the U.S. spy agency.

Windows XP owners can expect most antivirus vendors to continue providing up-to-date signatures long after Microsoft pulls its patch plug in April, but that won't keep their machines safe, an expert said today.

Microsoft today backpedaled from earlier decisions and said it would extend a limited helping hand to Windows XP users by offering both antivirus signatures and its own Security Essentials software for more than a year after it stops patching the aged OS.

Apple CEO Tim Cook's claim today that the company broke iPhone sales records in China during 2013's fourth quarter meant that the firm sold in excess of 10.4 million smartphones in the region, an IDC analyst said today.

I was still wiping the sleep from my eyes this morning when the nagging voice kicked in: before trawling the Internet for news, you better install yesterday's security updates.

It wasn't a pleasant thought, given the raft of patches released yesterday by Microsoft, Adobe, and Oracle for a variety of products. But as someone who has covered computer security for eight years, I've come to make updating a top priority. And for good reason. A large percentage of the booby-trapped websites that surreptitiously install malware on visitors' machines exploit vulnerabilities that have already been patched.

The recent hack on Yahoo's ad network, for instance, targeted two security flaws in the Java software framework that Oracle had fixed 17 and 24 months ago, Trend Micro reported in a blog post. Those who visited compromised Yahoo servers with up-to-date systems were immune to those attacks. By contrast, people using unpatched software were exposed to malicious payloads that installed the Dorkbot and Gamarue trojans, as well as malware that turned visitors' machines into Bitcoin miners.

Apple will pay at least $32.5 million to customers in a settlement over a U.S. Federal Trade Commission complaint that the company allowed children to run up huge in-app purchases on the company's devices.

Despite widespread criticism of this week's court ruling that the FCC can't keep broadband and mobile service providers from selectively blocking or slowing Web traffic and apps, the effects aren't obvious to most consumers.

LinuxSecurity.com: An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical...

LinuxSecurity.com: It was discovered that djvulibre, the Open Source DjVu implementation project, can be crashed or possibly made to execute arbitrary code when processing a specially crafted djvu file.

LinuxSecurity.com: Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical...

LinuxSecurity.com: Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having...

Phil Zimmermann, creator of PGP e-mail encryption, is leading a team of security industry executives building an Android phone with a variety of built-in privacy tools.

"I've been interested in secure telephony for longer than I've been interested in secure e-mail," Zimmermann said in a video on so-called Blackphone's website. "I had to wait for the rest of the technology infrastructure to catch up to make it possible to do secure telephony. PGP was kind of a detour for me while waiting for the rest of the technology to catch up to make really good secure telephony possible."

The narrator of the Blackphone video ominously says, "Technology was supposed to make our lives better. Instead we have lost our privacy—we have become enslaved." The Blackphone website says the phone will use "PrivatOS," an Android-based operating system, while letting users "make and receive secure phone calls; exchange secure texts; exchange and store secure files; have secure video chat; browse privately; and anonymize your activity through a VPN."

What Healthcare Can Teach Us About App Security (InformationWeek): It's a mission that's not so different from InfoSec. Here's our challenge: our increasing reliance on software is occurring exactly when two other trends are making security more difficult. First, software size, complexity, interconnection, and even ...

Playing on mobile users' fears of commercial and government surveillance, two companies are building a phone they say is designed to protect privacy. The joint venture between smartphone manufacturer Geeksphone and encrypted communications provider Silent Circle will unveil the new device called Blackphone at the Mobile World Congress show in Barcelona next month.

Top 10 Influencers in Government InfoSec (GovInfoSecurity.com): Recognizing the leaders who play a critical role in shaping the way governments approach information security and privacy, GovInfoSecurity announces its fifth annual list of Influencers. What makes an Influencer? It's a combination of position and know ...

While some vendor conferences can end up mired in technical minutiae, MicroStrategy believes it's better to show, not tell customers how its BI software works, according to its president, Paul Zolfaghari.

The D.C. Circuit Court of Appeals decision in Verizon v. FCC is a dangerously retrograde move that, by badly damaging the cause of net neutrality, harms American consumers and further insulates the already over-protected cable industry from any kind of meaningful competition.

Target said Monday it is investing US$5 million in a multi-year campaign to educate the public on the dangers of scams, after the company disclosed that up to 110 million people may have been affected by a data breach at the retailer's U.S. stores.

WASHINGTON -- The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

The Ministry of Science, ICT and Future Planning warned yesterday that North Korean hacking attempts have been detected recently at small and midsize IT companies and institutions that deal directly with national security.

The companies, especially those under contract with government agencies, were affected by recent...